runc v1.3.5 -- "Lo viejo funciona!"

This is the fifth patch release of the 1.3.z release series of runc,
and primarily contains a few fixes for issues found in 1.3.4.

Fixed

• Recursive atime-related mount flags (rrelatime et al.) are now applied
  properly. (#5115, #5098)
• PR #4757 caused a regression that resulted in spurious
  cannot start a container that has stopped errors when
  running runc create and has thus been reverted. (#5158,
  #5153, #5151, #4645, #4757)

Changed

• Updated builds to Go 1.25, libseccomp v2.6.0. (#5111, #5053)
• Minor signing keyring updates. (#5146, #5139, #5144, #5148)

Static Linking Notices

The runc binary distributed with this release are statically linked with
the following GNU LGPL-2.1 licensed libraries, with runc acting
as a "work that uses the Library":

• libseccomp

The versions of these libraries were not modified from their upstream versions,
but in order to comply with the LGPL-2.1 (§6(a)), we have attached the
complete source code for those libraries which (when combined with the attached
runc source code) may be used to exercise your rights under the LGPL-2.1.

However we strongly suggest that you make use of your distribution's packages
or download them from the authoritative upstream sources, especially since
these libraries are related to the security of your containers.

---

Thanks to the following contributors for making this release possible:

• Aleksa Sarai cyphar@cyphar.com
• Kir Kolyshkin kolyshkin@gmail.com
• Li Fu Bang lifubang@acmcoder.com
• Ricardo Branco rbranco@suse.de

runc v1.5.0-rc.1 -- "憎しみを束ねてもそれは脆い！"

This is the first release candidate of the runc 1.5.0 release. It
contains a couple of new features, but is mostly made up of various
cleanups (such as the removal of many deprecated APIs) and improvements.
runc v1.5.0-rc.1 includes all of the patches backported to runc v1.4.1.

Users are strongly encouraged to test our release candidates over the
next two months so we can fix issues before the general release. You
should expect runc 1.5.0 to be released at the end of April 2026 (at
which point, runc 1.3.z will only receive high-severity security fixes
for 6 months and runc 1.2.z will become unmaintained -- users are thus
very strongly encouraged to migrate to a newer version).

libcontainer API

• The following deprecated Go APIs have been removed:
  • CleanPath, StripRoot, and WithProcfd from libcontainer/utils. Note
    that WithProcfdFile has not been removed (due to import cycle issues) but
    is instead marked as internal in its godoc comment. (#5051)
  • All of the cgroup-related types and functions from libcontainer/configs
    which are now maintained in github.com/opencontainers/cgroups (#5141):
    • libcontainer/configs.Cgroup
    • libcontainer/configs.Resources
    • libcontainer/configs.FreezerState
    • libcontainer/configs.LinuxRdma
    • libcontainer/configs.BlockIODevice
    • libcontainer/configs.WeightDevice
    • libcontainer/configs.ThrottleDevice
    • libcontainer/configs.HugepageLimit
    • libcontainer/configs.IfPrioMap
    • libcontainer/configs.Undefined
    • libcontainer/configs.Frozen
    • libcontainer/configs.Thawed
    • libcontainer/configs.NewWeightDevice
    • libcontainer/configs.NewThrottleDevice
  • libcontainer/configs.HookList.RunHooks. (#5141)
  • libcontainer/configs.MPOL_* (#5141)
  • All of the types in libcontainer/devices which are now maintained in
    github.com/opencontainers/cgroups/devices/config (#5141):
    • libcontainer/devices.Wildcard
    • libcontainer/devices.WildcardDevice
    • libcontainer/devices.BlockDevice
    • libcontainer/devices.CharDevice
    • libcontainer/devices.FifoDevice
    • libcontainer/devices.Device
    • libcontainer/devices.Permissions
    • libcontainer/devices.Type
    • libcontainer/devices.Rule
• libcontainer.Process methods (Wait, Pid, Signal) and
  libcontainer/configs.Config methods (HostUID, HostRootUID, HostGID,
  HostRootGID) now use pointer receivers. (#5088)
• The example code for libcontainer has been moved out of a README and into
  a proper Example* test file that will be compile-tested by our CI. As
  mentioned elsewhere, we still do not recommend users make use of the
  libcontainer API directly. (#5127)

Deprecated

• The libcontainer/configs.Mount.Relabel configuration field (used to relabel
  mounts with the z and Z "pseudo" mount options) was never accessible
  outside of the libcontainer API, and in practice the relabel logic has always
  lived in higher level runtimes. It has been made into a no-op and the field
  will be removed entirely in runc 1.7. (#5152, #5160)

Removed

• The memfd-bind helper binary has been removed, as it has never been
  particularly useful and was completely obsoleted by the changes to
  /proc/self/exe sealing we introduced in runc 1.2.0. (#5141)

Added

• User-namespaced containers can now configure user.* sysctls. (#4889)
• Intel RDT: the RDT subdirectory is now only removed if runc created it,
  matching the updated runtime-spec guidance. (#3832, #5155)

Changed

• Our release binaries and default build configuration now use libpathrs by
  default, providing better hardening against certain kinds of attacks. Users
  of runc should not see any changes as a result of this, but packagers will
  need to adjust their packaging accordingly. runc can still be built without
  libpathrs (by building without the libpathrs build tag), but we currently
  plan to make runc 1.6 require libpathrs. (#5103)
• runc exec will now request systemd to move the exec process into the
  container cgroup, making the procedure more rootless-friendly. (#4822)
• seccomp: minor documentation updates. (#4902)
• Errors from runc init have historically been quite painful to understand
  and debug, we have made several improvements to make them more comprehensive
  and thus useful when debugging issues. (#4951, #4928)
• Update spec conformance documentation for OCI runtime-spec v1.3.0. (#4948,
  #5150)
• Our release archives now have the name runc-$version.tar.xz to make distro
  packaging a little easier by matching the filename to the top-level directory
  name in the archive. (#5052)

Static Linking Notices

The runc binaries distributed with this release are statically linked with
the following GNU LGPL-2.1 licensed libraries, with runc acting
as a "work that uses the Library":

• libseccomp

Similarly, the runc binaries distributed with this release are also
statically linked with the following MPLv2 licensed libraries,
with runc acting as a "Larger Work":

• libpathrs

The versions of these libraries were not modified from their upstream versions,
but in order to comply with their corresponding licenses, we have attached the
complete source code for those libraries which (when combined with the attached
runc source code) may be used to exercise your rights under their respective
licenses.

However, we strongly suggest that you make use of your distribution's packages
or download them from the authoritative upstream sources, especially since
these libraries are related to the security of your containers.

---

Thanks to the following contributors for making this release possible:

• Akihiro Suda akihiro.suda.cz@hco.ntt.co.jp
• Aleksa Sarai aleksa@amutable.com
• Antti Kervinen antti.kervinen@intel.com
• Ariel Otilibili otilibil@eurecom.fr
• Arina Cherednik arinacherednik034@gmail.com
• Curd Becker me@curd-becker.de
• Dimitri John Ledkov dimitri.ledkov@surgut.co.uk
• Donet Tom donettom@linux.ibm.com
• Efim Verzakov efimverzakov@gmail.com
• Ismo Puustinen ismo.puustinen@intel.com
• Joshua Rogers MegaManSec@users.noreply.github.com
• Kir Kolyshkin kolyshkin@gmail.com
• Lei Wang ssst0n3@gmail.com
• Li Fubang lifubang@acmcoder.com
• Luke Hinds luke@stacklok.com
• Markus Lehtonen markus.lehtonen@intel.com
• Osama Abdelkader osama.abdelkader@gmail.com
• Phil Estes estesp@gmail.com
• Ricardo Branco rbranco@suse.de
• Rodrigo Campos Catelin rodrigo@amutable.com
• Tianon Gravi admwiggin@gmail.com
• Tycho Andersen tycho@tycho.pizza
• Tõnis Tiigi tonistiigi@gmail.com
• Vishal Chourasia vishalc@linux.ibm.com
• zhaixiaojuan zhaixiaojuan@loongson.cn

Signed-off-by: Aleksa Sarai cyphar@cyphar.com

runc v1.4.1 -- "La guerre n'est pas une aventure. La guerre est une maladie. Comme le typhus."

This is the first patch release of the 1.4.z release series of runc.
It primarily includes some fixes for issues found in 1.4.0.

Deprecated

• libcontainer/configs.MPOL_* constants added in runc 1.4.0. (#5110, #5055)

Added

• Preliminary loong64 support. (#5062, #4938)

Fixed

• libct: fix panic in initSystemdProps when processing certain systemd
  properties in the OCI spec. (#5161, #5133)
• libct: fix several file descriptor leaks on error paths. (#5168, #5009)
• Remove unnecessary crypto/tls dependency by open-coding the systemd socket
  activation logic, allowing us to more easily avoid false positive CVE
  warnings. (#5093, #5057)
• Remove legacy os.Is* error usage, improving error type detection to make
  our error fallback paths more robust. (#5162, #5061)
• Go 1.26 has started enforcing a restriction of os/exec.Cmd which caused
  issues with our usage of CLONE_INTO_CGROUP (on newer kernels). This has now
  been resolved. (#5116, #5091)
• Recursive atime-related mount flags (rrelatime et al.) are now applied
  properly. (#5114, #5098)
• Fix a regression in runc exec due to CLONE_INTO_CGROUP in the
  (inadvisable) scenario where a container is configured without cgroup
  namespaces and with /sys/fs/cgroup mounted rw. (#5117, #5101)
• On machines with more than 1024 CPU cores, our logic for resetting the CPU
  affinity will now correctly reset the affinity onto all available cores
  (not just the first 1024). (#5149, #5025)
• PR #4757 caused a regression that resulted in spurious
  cannot start a container that has stopped errors when running
  runc create and has thus been reverted. (#5157, #5153, #5151, #4645, #4757)

Changed

• Previously we made an attempt to make our runc.armhf release binaries work
  with ARMv6 (which would allow runc to work on the original Raspberry Pi).
  Unfortunately, this has effectively always been broken (because we
  cross-compile libseccomp within a Debian container and statically link to
  it) and so we are now officially matching the Debian definition of armhf
  (that is, ARMv7). (#5167, #5103)
• Minor signing keyring updates. (#5147, #5139, #5144, #5148)

Static Linking Notices

The runc binary distributed with this release are statically linked with
the following GNU LGPL-2.1 licensed libraries, with runc acting
as a "work that uses the Library":

• libseccomp

The versions of these libraries were not modified from their upstream versions,
but in order to comply with the LGPL-2.1 (§6(a)), we have attached the
complete source code for those libraries which (when combined with the attached
runc source code) may be used to exercise your rights under the LGPL-2.1.

However we strongly suggest that you make use of your distribution's packages
or download them from the authoritative upstream sources, especially since
these libraries are related to the security of your containers.

---

Thanks to the following contributors for making this release possible:

• Akihiro Suda akihiro.suda.cz@hco.ntt.co.jp
• Aleksa Sarai cyphar@cyphar.com
• Antti Kervinen antti.kervinen@intel.com
• Ariel Otilibili otilibil@eurecom.fr
• Arina Cherednik arinacherednik034@gmail.com
• Curd Becker me@curd-becker.de
• Dimitri John Ledkov dimitri.ledkov@surgut.co.uk
• Efim Verzakov efimverzakov@gmail.com
• Kir Kolyshkin kolyshkin@gmail.com
• Li Fu Bang lifubang@acmcoder.com
• Luke Hinds luke@stacklok.com
• Ricardo Branco rbranco@suse.de
• Rodrigo Campos rata@users.noreply.github.com
• Zhai Xiao Juan zhaixiaojuan@loongson.cn

runc v1.4.0 -- "路漫漫其修远兮，吾将上下而求索！"

This is the first release of the 1.4.z release branch of runc. It
contains a few fixes for issues found in 1.4.0-rc.3. This version of
runc supports runtime-spec v1.3 (see docs/spec-conformance.md for the
few features that are still missing).

This is the second release of runc following our new release and support
policy (see RELEASES.md for more details). This means that, as of this
release:

• The runc 1.2.z release branch will now only receive high severity
  CVE fixes, and will no longer be supported in less than 6 months (end
  of April 2026).
• The runc 1.3.z release branch will now only receive security and
  "significant" bugfixes.
• Users are encouraged to plan migrating to runc 1.4.0 as soon as
  possible.
• Despite this release being delayed by a month, users should still
  expect a runc 1.5.0 release in late April 2026.

Deprecated

• Deprecate cgroup v1. (#4956)
• Deprecate CleanPath, StripRoot, WithProcfd, and WithProcfdFile from
  libcontainer/utils. (#4985)

Breaking

• The handling of pids.limit has been updated to match the newer guidance
  from the OCI runtime specification. In particular, now a maximum limit value
  of 0 will be treated as an actual limit (due to limitations with systemd,
  it will be treated the same as a limit value of 1). We only expect users
  that explicitly set pids.limit to 0 will see a behaviour change.
  (opencontainers/cgroups#48, #4949)

Fixed

• cgroups: provide iocost statistics for cgroupv2. (opencontainers/cgroups#43)
• cgroups: retry DBus connection when it fails with EAGAIN.
  (opencontainers/cgroups#45)
• cgroups: improve cpuacct.usage_all resilience when parsing data from
  patched kernels (such as the Tencent kernels). (opencontainers/cgroups#46,
  opencontainers/cgroups#50)
• libct: close child fds on prepareCgroupFD error. (#4936)
• libct: fix mips compilation. (#4962, #4967)
• When configuring a tmpfs mount, only set the mode= argument if the target
  path already existed. This fixes a regression introduced in our
  CVE-2025-52881 mitigation patches. (#4971, #4976)
• Fix various file descriptor leaks and add additional tests to detect them as
  comprehensively as possible. (#5007, #5021, #5034)
• The "hallucination" helpers added as part of the CVE-2025-52881
  mitigation have been made more generic and now apply to all of our pathrs
  helper functions, which should ensure we will not regress dangling symlink
  users. (#4985)

Changed

• libct: switch to (*CPUSet).Fill. (#4927)
• docs/spec-conformance.md: update for spec v1.3.0. (#4948)

Static Linking Notices

The runc binary distributed with this release are statically linked with
the following GNU LGPL-2.1 licensed libraries, with runc acting
as a "work that uses the Library":

• libseccomp

The versions of these libraries were not modified from their upstream versions,
but in order to comply with the LGPL-2.1 (§6(a)), we have attached the
complete source code for those libraries which (when combined with the attached
runc source code) may be used to exercise your rights under the LGPL-2.1.

However we strongly suggest that you make use of your distribution's packages
or download them from the authoritative upstream sources, especially since
these libraries are related to the security of your containers.

---

Thanks to the following contributors for making this release possible:

• Akihiro Suda akihiro.suda.cz@hco.ntt.co.jp
• Aleksa Sarai cyphar@cyphar.com
• Kir Kolyshkin kolyshkin@gmail.com
• Li Fu Bang lifubang@acmcoder.com
• Rodrigo Campos rata@users.noreply.github.com
• Tianon Gravi admwiggin@gmail.com

runc v1.3.4 -- "Take me to your heart, take me to your soul."

This is the fourth patch release of the 1.3.z release series of runc,
and primarily contains a few fixes for some regressions introduced in
1.3.3.

Fixed

• libct: fix mips compilation. (#4962, #4966)
• When configuring a tmpfs mount, only set the mode= argument if the
  target path already existed. This fixes a regression introduced in our
  CVE-2025-52881 mitigation patches. (#4971, #4976)
• Fix various file descriptor leaks and add additional tests to detect them as
  comprehensively as possible. (#5007, #5021, #5034)

Changed

• Downgrade github.com/cyphar/filepath-securejoin dependency to v0.5.2,
  which should make it easier for some downstreams to import runc without
  pulling in too many extra packages. (#5028)

Static Linking Notices

The runc binary distributed with this release are statically linked with
the following GNU LGPL-2.1 licensed libraries, with runc acting
as a "work that uses the Library":

• libseccomp

The versions of these libraries were not modified from their upstream versions,
but in order to comply with the LGPL-2.1 (§6(a)), we have attached the
complete source code for those libraries which (when combined with the attached
runc source code) may be used to exercise your rights under the LGPL-2.1.

However we strongly suggest that you make use of your distribution's packages
or download them from the authoritative upstream sources, especially since
these libraries are related to the security of your containers.

---

Thanks to the following contributors for making this release possible:

• Akihiro Suda akihiro.suda.cz@hco.ntt.co.jp
• Aleksa Sarai cyphar@cyphar.com
• Kir Kolyshkin kolyshkin@gmail.com
• Li Fu Bang lifubang@acmcoder.com
• Tianon Gravi admwiggin@gmail.com

Signed-off-by: Aleksa Sarai cyphar@cyphar.com

runc v1.2.9 -- "Stars hide your fires, let me rest tonight."

This is the ninth patch release of the 1.2.z release series of runc, and
primarily contains a few fixes for some regressions introduced in 1.2.8.

Fixed

• libct: fix mips compilation. (#4962, #4965)
• When configuring a tmpfs mount, only set the mode= argument if the
  target path already existed. This fixes a regression introduced in our
  CVE-2025-52881 mitigation patches. (#4971, #4974)
• Fix various file descriptor leaks and add additional tests to detect them as
  comprehensively as possible. (#5007, #5021, #5027)

Changed

• Downgrade github.com/cyphar/filepath-securejoin dependency to v0.5.2,
  which should make it easier for some downstreams to import runc without
  pulling in too many extra packages. (#5027)

Static Linking Notices

The runc binary distributed with this release are statically linked with
the following GNU LGPL-2.1 licensed libraries, with runc acting
as a "work that uses the Library":

• libseccomp

The versions of these libraries were not modified from their upstream versions,
but in order to comply with the LGPL-2.1 (§6(a)), we have attached the
complete source code for those libraries which (when combined with the attached
runc source code) may be used to exercise your rights under the LGPL-2.1.

However we strongly suggest that you make use of your distribution's packages
or download them from the authoritative upstream sources, especially since
these libraries are related to the security of your containers.

---

Thanks to the following contributors for making this release possible:

• Aleksa Sarai cyphar@cyphar.com
• Kir Kolyshkin kolyshkin@gmail.com
• Li Fu Bang lifubang@acmcoder.com
• Tianon Gravi admwiggin@gmail.com

Signed-off-by: Aleksa Sarai cyphar@cyphar.com

runc v1.4.0-rc.3 -- "その日、人類は思い出した。"

Note

Some vendors were given patches corresponding to this release in
advance. This public release includes two extra patches to fix
regressions discovered very late during the embargo period and were
thus not included in the pre-release versions. Please update to this
version.

Security

This release includes fixes for the following high-severity security issues:

• CVE-2025-31133 exploits an issue with how masked paths are implemented in
  runc. When masking files, runc will bind-mount the container's /dev/null
  inode on top of the file. However, if an attacker can replace /dev/null
  with a symlink to some other procfs file, runc will instead bind-mount the
  symlink target read-write. This issue affected all known runc versions.

• CVE-2025-52565 is very similar in concept and application to
  CVE-2025-31133, except that it exploits a flaw in /dev/console
  bind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n),
  if an attacker replaces /dev/pts/$n with a symlink then runc will
  bind-mount the symlink target over /dev/console. This issue affected all
  versions of runc >= 1.0.0-rc3.

• CVE-2025-52881 is a more sophisticated variant of CVE-2019-19921,
  which was a flaw that allowed an attacker to trick runc into writing the LSM
  process labels for a container process into a dummy tmpfs file and thus not
  apply the correct LSM labels to the container process. The mitigation we
  applied for CVE-2019-19921 was fairly limited and effectively only caused
  runc to verify that when we write LSM labels that those labels are actual
  procfs files. This issue affects all known runc versions.

Fixed

• Switched to (*CPUSet).Fill rather than our hacky optimisation when
  resetting the CPU affinity of runc. (#4926, #4927)
• Correctly close child fds during (*setns).start if an error occurs.
  (#4930, #4936)

Static Linking Notices

The runc binary distributed with this release are statically linked with
the following GNU LGPL-2.1 licensed libraries, with runc acting
as a "work that uses the Library":

• libseccomp

The versions of these libraries were not modified from their upstream versions,
but in order to comply with the LGPL-2.1 (§6(a)), we have attached the
complete source code for those libraries which (when combined with the attached
runc source code) may be used to exercise your rights under the LGPL-2.1.

However we strongly suggest that you make use of your distribution's packages
or download them from the authoritative upstream sources, especially since
these libraries are related to the security of your containers.

---

Thanks to the following contributors for making this release possible:

• Akihiro Suda akihiro.suda.cz@hco.ntt.co.jp
• Aleksa Sarai cyphar@cyphar.com
• Kir Kolyshkin kolyshkin@gmail.com
• Lei Wang ssst0n3@gmail.com
• Li Fubang lifubang@acmcoder.com
• Rodrigo Campos rodrigoca@microsoft.com
• Tõnis Tiigi tonistiigi@gmail.com

Signed-off-by: Aleksa Sarai cyphar@cyphar.com

runc v1.3.3 -- "奴らに支配されていた恐怖を"

Note

Some vendors were given a pre-release version of this release.
This public release includes two extra patches to fix regressions
discovered very late during the embargo period and were thus not
included in the pre-release versions. Please update to this version.

This release contains fixes for three high-severity security
vulnerabilities in runc (CVE-2025-31133, CVE-2025-52565, and
CVE-2025-52881). All three vulnerabilities ultimately allow (through
different methods) for full container breakouts by bypassing runc's
restrictions for writing to arbitrary /proc files.

Security

• CVE-2025-31133 exploits an issue with how masked paths are implemented in
  runc. When masking files, runc will bind-mount the container's /dev/null
  inode on top of the file. However, if an attacker can replace /dev/null
  with a symlink to some other procfs file, runc will instead bind-mount the
  symlink target read-write. This issue affected all known runc versions.

• CVE-2025-52565 is very similar in concept and application to
  CVE-2025-31133, except that it exploits a flaw in /dev/console
  bind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n),
  if an attacker replaces /dev/pts/$n with a symlink then runc will
  bind-mount the symlink target over /dev/console. This issue affected all
  versions of runc >= 1.0.0-rc3.

• CVE-2025-52881 is a more sophisticated variant of CVE-2019-19921,
  which was a flaw that allowed an attacker to trick runc into writing the LSM
  process labels for a container process into a dummy tmpfs file and thus not
  apply the correct LSM labels to the container process. The mitigation we
  applied for CVE-2019-19921 was fairly limited and effectively only caused
  runc to verify that when we write LSM labels that those labels are actual
  procfs files. This issue affects all known runc versions.

Added

• runc update now supports configuring per-device weights and iops. (#4775,
  #4807, #4825, #4931)

Static Linking Notices

The runc binary distributed with this release are statically linked with
the following GNU LGPL-2.1 licensed libraries, with runc acting
as a "work that uses the Library":

• libseccomp

The versions of these libraries were not modified from their upstream versions,
but in order to comply with the LGPL-2.1 (§6(a)), we have attached the
complete source code for those libraries which (when combined with the attached
runc source code) may be used to exercise your rights under the LGPL-2.1.

However we strongly suggest that you make use of your distribution's packages
or download them from the authoritative upstream sources, especially since
these libraries are related to the security of your containers.

---

Thanks to the following contributors for making this release possible:

• Akihiro Suda akihiro.suda.cz@hco.ntt.co.jp
• Aleksa Sarai cyphar@cyphar.com
• Kir Kolyshkin kolyshkin@gmail.com
• Lei Wang ssst0n3@gmail.com
• Li Fubang lifubang@acmcoder.com
• Rodrigo Campos rodrigoca@microsoft.com
• Tõnis Tiigi tonistiigi@gmail.com

Signed-off-by: Aleksa Sarai cyphar@cyphar.com

runc v1.2.8 -- "鳥籠の中に囚われた屈辱を"

Note

Some vendors were given a pre-release version of this release.
This public release includes two extra patches to fix regressions
discovered very late during the embargo period and were thus not
included in the pre-release versions. Please update to this version.

This release contains fixes for three high-severity security
vulnerabilities in runc (CVE-2025-31133, CVE-2025-52565, and
CVE-2025-52881). All three vulnerabilities ultimately allow (through
different methods) for full container breakouts by bypassing runc's
restrictions for writing to arbitrary /proc files.

Security

• CVE-2025-31133 exploits an issue with how masked paths are implemented in
  runc. When masking files, runc will bind-mount the container's /dev/null
  inode on top of the file. However, if an attacker can replace /dev/null
  with a symlink to some other procfs file, runc will instead bind-mount the
  symlink target read-write. This issue affected all known runc versions.

• CVE-2025-52565 is very similar in concept and application to
  CVE-2025-31133, except that it exploits a flaw in /dev/console
  bind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n),
  if an attacker replaces /dev/pts/$n with a symlink then runc will
  bind-mount the symlink target over /dev/console. This issue affected all
  versions of runc >= 1.0.0-rc3.

• CVE-2025-52881 is a more sophisticated variant of CVE-2019-19921,
  which was a flaw that allowed an attacker to trick runc into writing the LSM
  process labels for a container process into a dummy tmpfs file and thus not
  apply the correct LSM labels to the container process. The mitigation we
  applied for CVE-2019-19921 was fairly limited and effectively only caused
  runc to verify that when we write LSM labels that those labels are actual
  procfs files. This issue affects all known runc versions.

Static Linking Notices

The runc binary distributed with this release are statically linked with
the following GNU LGPL-2.1 licensed libraries, with runc acting
as a "work that uses the Library":

• libseccomp

The versions of these libraries were not modified from their upstream versions,
but in order to comply with the LGPL-2.1 (§6(a)), we have attached the
complete source code for those libraries which (when combined with the attached
runc source code) may be used to exercise your rights under the LGPL-2.1.

However we strongly suggest that you make use of your distribution's packages
or download them from the authoritative upstream sources, especially since
these libraries are related to the security of your containers.

---

Thanks to the following contributors for making this release possible:

• Aleksa Sarai cyphar@cyphar.com
• Kir Kolyshkin kolyshkin@gmail.com
• Lei Wang ssst0n3@gmail.com
• Li Fubang lifubang@acmcoder.com
• Rodrigo Campos rodrigoca@microsoft.com
• Tõnis Tiigi tonistiigi@gmail.com

Signed-off-by: Aleksa Sarai cyphar@cyphar.com

runc v1.4.0-rc.2 -- "私の役目は信じるかどうかではない。行うかどうかだ。"

This is the second release candidate of the runc 1.4.0 release. It
includes a few minor features that did not make the cut-off for
v1.4.0-rc.1 (namely CLONE_INTO_CGROUP support and some new Intel RDT
features).

Users are strongly encouraged to test our release candidates over the
next month so we can fix issues before the general release. You should
expect runc 1.4.0 to be released at the end of October 2025 (at which
point, runc 1.2.z will only receive high-severity security fixes for 6
months and users are thus very strongly encouraged to migrate to a newer
version).

libcontainer API

• The deprecated libcontainer/userns package has been removed; use
  github.com/moby/sys/userns instead. (#4910, #4911)

Added

• Allow setting user.* sysctls for user-namespaced containers, as they are
  namespaced and thus safe to configure. (#4889, #4892)
• Add support for using clone3(2)'s CLONE_INTO_CGROUP flag when
  configuring the runc exec process. This also included some internal
  changes to how we add processes to containers. (#4822, #4812, #4920)
• Add support for configuring the NUMA pmemory policy for a container with
  set_mempolicy(2). (opencontainers/runtime-spec#1282, #4726, #4915)
• Add support for intelRdt.schemata to allow for configuration of all
  schemas in resctrl. (opencontainers/runtime-spec#1230, #4830, #4915)
• Add support for intelRdt.enableMonitoring to allow for per-container
  resctrl monitoring. This replaces the old intelRdt.enableCMT and
  intelRdt.enableMBM options which were never implemented by runc and have
  been removed from the runtime-spec. (opencontainers/runtime-spec#1287,
  #4832, #4921)

Fixed

• Configure personality(2) before applying seccomp profiles. (#4900, #4903)
• Fixed integration test failure on ppc64, caused by 64K page size so the
  kernel was rounding memory limit to 64K. (#4841, #4895, #4893)
• seccompagent: fix fd close loop to prevent closing stdio in the error path.
  (#4913, #4923)

Static Linking Notices

The runc binary distributed with this release are statically linked with
the following GNU LGPL-2.1 licensed libraries, with runc acting
as a "work that uses the Library":

• libseccomp

The versions of these libraries were not modified from their upstream versions,
but in order to comply with the LGPL-2.1 (§6(a)), we have attached the
complete source code for those libraries which (when combined with the attached
runc source code) may be used to exercise your rights under the LGPL-2.1.

However we strongly suggest that you make use of your distribution's packages
or download them from the authoritative upstream sources, especially since
these libraries are related to the security of your containers.

---

Thanks to the following contributors for making this release possible:

• Aleksa Sarai cyphar@cyphar.com
• Antti Kervinen antti.kervinen@intel.com
• Donet Tom donettom@linux.ibm.com
• Joshua Rogers MegaManSec@users.noreply.github.com
• Kir Kolyshkin kolyshkin@gmail.com
• Markus Lehtonen markus.lehtonen@intel.com
• Rodrigo Campos rodrigoca@microsoft.com
• Tycho Andersen tycho@tycho.pizza
• Vishal Chourasia vishalc@linux.ibm.com
• Li Fubang lifubang@acmcoder.com

Signed-off-by: Aleksa Sarai cyphar@cyphar.com